Linux TCP/IP Netfilter Devel
[Prev Page][Next Page]
- Re: [libnftnl PATCH 2/2] Deprecate untyped data setters
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next,RFC 0/5] Netfilter egress hook
- From: Lukas Wunner <lukas@xxxxxxxxx>
- Re: [libnftnl PATCH 1/1] flowtable: Fix symbol export for clang
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] doc: fix missing family in plural forms list command.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: flowtable: add support for named flowtable listing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 2/2] Deprecate untyped data setters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 1/2] libnftnl.map: Export nftnl_{obj,flowtable}_set_data()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 1/2] libnftnl.map: Export nftnl_{obj,flowtable}_set_data()
- From: Phil Sutter <phil@xxxxxx>
- [tip: core/rcu] net/netfilter: Replace rcu_swap_protected() with rcu_replace_pointer()
- From: "tip-bot2 for Paul E. McKenney" <tip-bot2@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: Copy the right MAC address in hash:ip,mac IPv6 sets
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- Re: ipset make modules_install always fail unless module already loaded?
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- nft: secmark output not understood by parser
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] netfilter: nf_tables: Align nft_expr private data to 64-bit
- From: Lukas Wunner <lukas@xxxxxxxxx>
- [PATCH nf] netfilter: nf_tables: Align nft_expr private data to 64-bit
- From: Lukas Wunner <lukas@xxxxxxxxx>
- Re: [PATCH] ipset: Add wildcard support to net,iface
- From: Kristian Evensen <kristian.evensen@xxxxxxxxx>
- [libnftnl PATCH 1/1] flowtable: Fix symbol export for clang
- From: Marvin Schmidt <marvin_schmidt@xxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [nft PATCH v2] libnftables: Store top_scope in struct nft_ctx
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] libnftables: Store top_scope in struct nft_ctx
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH ghak90 V7 14/21] audit: contid check descendancy and nesting
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH nft] doc: fix missing family in plural forms list command.
- From: Eric Jallot <ejallot@xxxxxxxxx>
- [libnftnl PATCH 2/2] Deprecate untyped data setters
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/2] libnftnl.map: Export nftnl_{obj,flowtable}_set_data()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 11/12] nft: Support parsing lookup expression
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 07/12] nft: Introduce NFT_CL_SETS cache level
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 00/12] Implement among match support
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 08/12] nft: Support NFT_COMPAT_SET_ADD
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 02/12] nft: family_ops: Pass nft_handle to 'rule_find' callback
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 04/12] nft: family_ops: Pass nft_handle to 'rule_to_cs' callback
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 03/12] nft: family_ops: Pass nft_handle to 'print_rule' callback
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 09/12] nft: Bore up nft_parse_payload()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 10/12] nft: Embed rule's table name in nft_xt_ctx
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 05/12] nft: Keep nft_handle pointer in nft_xt_ctx
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 06/12] nft: Eliminate pointless calls to nft_family_ops_lookup()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 12/12] nft: bridge: Rudimental among extension support
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 01/12] nft: family_ops: Pass nft_handle to 'add' callback
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] src: flowtable: add support for named flowtable listing
- From: Eric Jallot <ejallot@xxxxxxxxx>
- Rearranging expressions in the rule
- From: "Serguei Bezverkhi (sbezverk)" <sbezverk@xxxxxxxxx>
- Re: [nft PATCH] mnl: Replace use of untyped nftnl data setters
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH] mnl: Replace use of untyped nftnl data setters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [conntrack-tools PATCH] docs: refresh references to /proc/net/core/rmem_default
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [conntrack-tools PATCH] docs: refresh references to /proc/net/core/rmem_default
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: Documentation question
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: Documentation question
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Documentation question
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Documentation question
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: Conntrack offload questions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 00/10] Reduce code size around arptables-nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables_offload: allow ethernet interface type only
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH net-next] inet: do not call sublist_rcv on empty list
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: doc: Document nfq_nlmsg_verdict_put_mark() and nfq_nlmsg_verdict_put_pkt()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH libnetfilter_queue] src: doc: Document nfq_nlmsg_verdict_put_mark() and nfq_nlmsg_verdict_put_pkt()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- ipset make modules_install always fail unless module already loaded?
- From: Oskar Berggren <oskar.berggren@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables_offload: allow ethernet interface type only
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- [PATCH v2] [netfilter]: Fix skb->csum calculation when netfilter manipulation for NF_NAT_MANIP_SRC\DST is done on IPV6 packet.
- From: Praveen Chaudhary <praveen5582@xxxxxxxxx>
- [PATCH v2] [netfilter]: Fix skb->csum calculation when netfilter manipulation for NF_NAT_MANIP_SRC\DST is done on IPV6 packet.
- From: Praveen Chaudhary <praveen5582@xxxxxxxxx>
- Re: [PATCH net-next] inet: do not call sublist_rcv on empty list
- From: Nikolay Aleksandrov <nikolay@xxxxxxxxxxxxxxxxxxx>
- [nft PATCH] mnl: Replace use of untyped nftnl data setters
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH] tests/py: Fix test script for Python3 tempfile
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] tests/py: Fix test script for Python3 tempfile
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf-next] netfilter: nf_tables_offload: allow ethernet interface type only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- libnftnl: Attribute and data length validation for objects
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH net-next] inet: do not call sublist_rcv on empty list
- From: Leon Romanovsky <leon@xxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables_offload: support offload iif types meta offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables_offload: support offload iif types meta offload
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH net-next] inet: do not call sublist_rcv on empty list
- From: Florian Westphal <fw@xxxxxxxxx>
- general protection fault in ip6_sublist_rcv
- From: syzbot <syzbot+c54f457cad330e57e967@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [nft PATCH] mnl: Replace use of untyped nftnl data setters
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH trivial] net: Fix various misspellings of "connect"
- From: David Miller <davem@xxxxxxxxxxxxx>
- [iptables PATCH v2 00/10] Reduce code size around arptables-nft
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 05/10] xtables-arp: Drop generic_opt_check()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 06/10] Replace TRUE/FALSE with true/false
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 08/10] xtables-arp: Drop some unused variables
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 02/10] xshared: Share a common add_command() implementation
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 03/10] xshared: Share a common implementation of parse_rulenumber()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 07/10] xtables-arp: Integrate OPT_* defines into xshared.h
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 09/10] xtables-arp: Use xtables_parse_interface()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 01/10] ip6tables, xtables-arp: Drop unused struct pprot
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 10/10] nft-arp: Use xtables_print_mac_and_mask()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 04/10] Merge CMD_* defines
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables_offload: support offload iif types meta offload
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nft_meta: offload support for interface index
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 00/10] Reduce code size around arptables-nft
- From: Phil Sutter <phil@xxxxxx>
- Re: nftables: secmark support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [iptables PATCH 00/10] Reduce code size around arptables-nft
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf,v2] netfilter: nf_tables_offload: check for register data length mismatches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH] netfilter: nf_tables_offload: check for register data length mismatches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH 04/10] Merge CMD_* defines
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 06/10] Replace TRUE/FALSE with true/false
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 00/10] Reduce code size around arptables-nft
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 07/10] xtables-arp: Integrate OPT_* defines into xshared.h
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 10/10] nft-arp: Use xtables_print_mac_and_mask()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 08/10] xtables-arp: Drop some unused variables
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 02/10] xshared: Share a common add_command() implementation
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 03/10] xshared: Share a common implementation of parse_rulenumber()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 01/10] ip6tables, xtables-arp: Drop unused struct pprot
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 05/10] xtables-arp: Drop generic_opt_check()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 09/10] xtables-arp: Use xtables_parse_interface()
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: nft_cmp: check for register data length mismatches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 04/21] audit: convert to contid list to check for orch/engine ownership
- From: Neil Horman <nhorman@xxxxxxxxxxxxx>
- Re: [PATCH 0/5] Netfilter/IPVS fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 4/5] ipvs: move old_secure_tcp into struct netns_ipvs
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 5/5] netfilter: nft_payload: fix missing check for matching length in offloads
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 3/5] ipvs: don't ignore errors in case refcounting ip_vs module fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/5] netfilter: nf_flow_table: set timeout before insertion into hashes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 2/5] netfilter: nf_tables_offload: restore basechain deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/5] Netfilter/IPVS fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 2/5] netfilter: nft_tunnel: support NFT_TUNNEL_IPV4_SRC/DST match
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH libnfnetlink v3 0/2] Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnfnetlink v3 1/2] Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnfnetlink v3 2/2] Make it clear that this library is deprecated
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue] src: doc: Document nfq_nlmsg_verdict_put_mark() and nfq_nlmsg_verdict_put_pkt()
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH 00/31] Netfilter/IPVS updates for net-next
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH AUTOSEL 5.3 49/99] netfilter: conntrack: avoid possible false sharing
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 06/31] netfilter: ipset: move function to ip_set_bitmap_ip.c.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 02/31] netfilter: ipset: remove inline from static functions in .c files.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 04/31] netfilter: ipset: move functions to ip_set_core.c.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 08/31] ipvs: no need to update skb route entry for local destination packets.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 10/31] ipvs: batch __ip_vs_dev_cleanup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 12/31] selftests: netfilter: add ipvs nat test case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 11/31] selftests: netfilter: add ipvs test script
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 16/31] netfilter: conntrack: free extension area immediately
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 19/31] netfilter: nf_flow_table: move priority to struct nf_flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 21/31] netfilter: nf_tables: allow netdevice to be used only once per flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 22/31] netfilter: nf_tables: increase maximum devices number per flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 23/31] netfilter: nf_tables_offload: add nft_flow_block_chain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 25/31] netfilter: nf_tables_offload: add nft_flow_cls_offload_setup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 20/31] netfilter: nf_tables: dynamically allocate hooks per net_device in flowtables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 24/31] netfilter: nf_tables_offload: Pass callback list to nft_setup_cb_call()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 27/31] netfilter: nf_tables: support for multiple devices per netdev hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 29/31] netfilter: nf_tables_offload: add nft_chain_offload_cmd()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 30/31] netfilter: nf_tables_offload: add nft_flow_block_offload_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 31/31] netfilter: nf_tables_offload: unbind if multi-device binding fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 17/31] netfilter: add and use nf_hook_slow_list()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 18/31] netfilter: nft_tproxy: Fix typo in IPv6 module description.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 28/31] netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 26/31] netfilter: nf_tables_offload: remove rules on unregistered device only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 15/31] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 14/31] netfilter: ecache: document extension area access rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 13/31] selftests: netfilter: add ipvs tunnel test case
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 09/31] ipvs: batch __ip_vs_cleanup
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 07/31] netfilter: ipset: move ip_set_get_ip_port() to ip_set_bitmap_port.c.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 03/31] netfilter: ipset: move ip_set_comment functions from ip_set.h to ip_set_core.c.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 05/31] netfilter: ipset: make ip_set_put_flags extern.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 01/31] netfilter: ipset: add a coding-style fix to ip_set_ext_destroy.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 00/31] Netfilter/IPVS updates for net-next
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] mnl: remove artifical cap on 8 devices per flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v3] src: add multidevice support for netdev chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft,v2] src: add multidevice support for netdev chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft,v2] src: add multidevice support for netdev chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl,v2] chain: multi-device support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl,v2] flowtable: device array dynamic allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 2/2] xshared: Introduce struct argv_store
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 1/2] iptables-xml: Use add_param_to_argv()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [GIT PULL] IPVS fixes for v5.4
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnfnetlink v2 2/2] Make it clear that this library is deprecated
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnfnetlink v2 1/2] Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnfnetlink v2 0/2] Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 04/21] audit: convert to contid list to check for orch/engine ownership
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [iptables PATCH] xtables-arp: Use xtables_ipparse_multiple()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH ghak90 V7 06/21] audit: contid limit of 32k imposed to avoid DoS
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 04/21] audit: convert to contid list to check for orch/engine ownership
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 05/21] audit: log drop of contid on exit of last task
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 08/21] audit: add contid support for signalling the audit daemon
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [iptables PATCH] xtables-arp: Use xtables_ipparse_multiple()
- From: Phil Sutter <phil@xxxxxx>
- [PATCH AUTOSEL 5.3 11/33] netfilter: conntrack: avoid possible false sharing
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.3 16/33] netfilter: connlabels: prefer static lock initialiser
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH 2/2] ipvs: move old_secure_tcp into struct netns_ipvs
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 1/2] ipvs: don't ignore errors in case refcounting ip_vs module fails
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [GIT PULL] IPVS fixes for v5.4
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables_offload: support offload iif types meta offload
- Re: KASAN: use-after-free Read in nf_ct_deliver_cached_events
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH trivial] net: Fix various misspellings of "connect"
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: KASAN: use-after-free Read in nf_ct_deliver_cached_events
- From: syzbot <syzbot+c7aabc9fe93e7f3637ba@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 14/21] audit: contid check descendancy and nesting
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: KASAN: use-after-free Read in nf_ct_deliver_cached_events
- From: syzbot <syzbot+c7aabc9fe93e7f3637ba@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 06/21] audit: contid limit of 32k imposed to avoid DoS
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [iptables PATCH v3 3/7] xtables-restore: Introduce line parsing function
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 0/7] Improve xtables-restore performance
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 7/7] tests: shell: Add ipt-restore/0007-flush-noflush_0
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 6/7] xtables-restore: Improve performance of --noflush operation
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 2/7] xtables-restore: Introduce struct nft_xt_restore_state
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 4/7] xtables-restore: Remove some pointless linebreaks
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 5/7] xtables-restore: Allow lines without trailing newline character
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 1/7] xtables-restore: Integrate restore callbacks into struct nft_xt_restore_parse
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft 2/4] py: add missing output flags.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH trivial] net: Fix various misspellings of "connect"
- From: Kalle Valo <kvalo@xxxxxxxxxxxxxx>
- Re: [PATCH nft 2/4] py: add missing output flags.
- From: Phil Sutter <phil@xxxxxx>
- [PATCH trivial] net: Fix various misspellings of "connect"
- From: Geert Uytterhoeven <geert+renesas@xxxxxxxxx>
- Re: How to implement transparent proxy in bridge through nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next 5/5] netfilter: nft_tunnel: add nft_tunnel_get_offload support
- [PATCH nf-next 2/5] netfilter: nft_tunnel: support NFT_TUNNEL_IPV4_SRC/DST match
- [PATCH nf-next 3/5] netfilter: nft_tunnel: add inet type check in nft_tunnel_mode_validate
- [PATCH nf-next 4/5] netfilter: nft_tunnel: support NFT_TUNNEL_IPV6_SRC/DST match
- [PATCH nf-next 0/5] netfilter: nft_tunnel: support tunnel match expr offload
- [PATCH nf-next 1/5] netfilter: nft_tunnel: add nft_tunnel_mode_validate function
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next v6 0/8] netfilter: nf_tables_offload: support tunnel offload
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nft 2/4] py: add missing output flags.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables_offload: Fix unbind devices when subsequent device bind failed
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/4] py: add missing output flags.
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf] netfilter: nft_payload: fix check the match len for offload to hw
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/3] netfilter: nf_tables_offload: add nft_flow_block_offload_init()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/3] netfilter: nf_tables_offload: unbind if multi-device binding fails
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/3] netfilter: nf_tables_offload: add nft_chain_offload_cmd()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/4] py: add missing output flags.
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Phil Sutter <phil@xxxxxx>
- Re: How to implement transparent proxy in bridge through nftables
- From: Ttttabcd <ttttabcd@xxxxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_payload: fix check the match len for offload to hw
- [PATCH nf-next] netfilter: nf_tables_offload: Fix unbind devices when subsequent device bind failed
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 4/4] main: remove duplicate output flag assignment.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 3/4] main: add missing `OPT_NUMERIC_PROTO` long option.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 2/4] py: add missing output flags.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft 1/4] doc: add missing output flag documentation.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] Revert "main: Fix for misleading error with negative chain priority"
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next] netfilter: nf_conntrack: introduce conntrack limit per-zone
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next] netfilter: nf_conntrack: introduce conntrack limit per-zone
- From: Tonghao Zhang <xiangxia.m.yue@xxxxxxxxx>
- Re: [PATCH net-next] netfilter: nf_conntrack: introduce conntrack limit per-zone
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] xtables-restore: Unbreak *tables-restore
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next] netfilter: nf_conntrack: introduce conntrack limit per-zone
- From: xiangxia.m.yue@xxxxxxxxx
- Re: [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next,RFC 2/2] netfilter: nf_tables: add encapsulation support
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH nft 1/4] doc: add missing output flag documentation.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 4/4] main: remove duplicate output flag assignment.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 3/4] main: add missing `OPT_NUMERIC_PROTO` long option.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 2/4] py: add missing output flags.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft 0/4] Output Flag Fixes
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH tip/core/rcu 08/10] net/netfilter: Replace rcu_swap_protected() with rcu_replace()
- Re: nftables: secmark support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
- nftables: secmark support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH nf-next,RFC 1/2] netfilter: nf_tables: add decapsulation support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,RFC 2/2] netfilter: nf_tables: add encapsulation support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next,RFC 0/2] nf_tables encapsulation/decapsulation support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- KASAN: use-after-free Read in nf_ct_deliver_cached_events
- From: syzbot <syzbot+c7aabc9fe93e7f3637ba@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: How to implement transparent proxy in bridge through nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- How to implement transparent proxy in bridge through nftables
- From: Ttttabcd <ttttabcd@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Neil Horman <nhorman@xxxxxxxxxxxxx>
- Re: [PATCH nft v3 0/2] Add option to omit sets elements from listings.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [iptables PATCH] xtables-restore: Unbreak *tables-restore
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft v3 0/2] Add option to omit sets elements from listings.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH nft v3 1/2] src: use `-T` as the short option for `--numeric-time`.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft v3 2/2] src: add --terse to suppress output of set elements.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft v3 0/2] Add option to omit sets elements from listings.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [nft PATCH] main: Fix for misleading error with negative chain priority
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] main: Fix for misleading error with negative chain priority
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft v2] src: extend --stateless to suppress output of non-dynamic set elements.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft v2] src: extend --stateless to suppress output of non-dynamic set elements.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH nft] main: misleading error reporting in chain definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] parser_json: Fix checking of parse_policy() return code
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] tproxy: Add missing error checking when parsing from netlink
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] main: misleading error reporting in chain definitions
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] main: misleading error reporting in chain definitions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] parser_json: Fix checking of parse_policy() return code
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH] tproxy: Add missing error checking when parsing from netlink
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v2] xtables-restore: Fix --table parameter check
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH v2] xtables-restore: Fix --table parameter check
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] src: extend --stateless to suppress output of non-dynamic set elements.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nft] src: extend --stateless to suppress output of non-dynamic set elements.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- CFS for Netdev 0x14 open!
- From: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
- Re: [PATCH nf v2] ipvs: don't ignore errors in case refcounting ip_vs module fails
- From: Julian Anastasov <ja@xxxxxx>
- Re: xtables-addons akmods Builds Failing on Linux Kernel 5.3.6 - Log Sample - xt_DHCPMAC.c
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- xtables-addons akmods Builds Failing on Linux Kernel 5.3.6 - Log Sample - xt_DHCPMAC.c
- From: Matt Olson <lkml@xxxxxxxxxxxxxxxxxxx>
- [PATCH nf-next,v2 5/5] netfilter: nf_tables: support for multiple devices per netdev hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf v2] ipvs: don't ignore errors in case refcounting ip_vs module fails
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
- Re: [iptables PATCH] xtables-restore: Fix --table parameter check
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH] xtables-restore: Fix --table parameter check
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH ghak90 V7 20/21] audit: add capcontid to set contid outside init_user_ns
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 016/100] netfilter: ipset: Make invalid MAC address checks consistent
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [iptables PATCH] xtables-restore: Fix --table parameter check
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH 1/2] iptables-xml: Use add_param_to_argv()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/2] xshared: Introduce struct argv_store
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH] nft: Use ARRAY_SIZE() macro in nft_strerror()
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] xtables-restore: Fix --table parameter check
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH] xtables-restore: Fix --table parameter check
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH] xtables-restore: Fix --table parameter check
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nf] netfilter: nf_tables_offload: restore basechain deletion
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next v2] netfilter: nf_tables: add vlan support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: add vlan support
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH nf-next v2] netfilter: nf_tables: add vlan support
- Re: [PATCH nf-next] netfilter: nf_tables: add vlan support
- From: wenxu <wenxu@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: nf_tables: add vlan support
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH 3/8] xtables-restore: Introduce rule counter tokenizer function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: nf_tables: add vlan support
- Re: [iptables PATCH 6/8] xtables-restore: Drop pointless newargc reset
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH 3/8] xtables-restore: Introduce rule counter tokenizer function
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] src: add multidevice support for netdev chain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 2/2] chain: multi-device support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnftnl 1/2] flowtable: device array dynamic allocation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 0/8] Improve iptables-nft performance with large rulesets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 8/8] xtables-restore: Drop chain_list callback
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 7/8] xtables-restore: Drop local xtc_ops instance
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 6/8] xtables-restore: Drop pointless newargc reset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 5/8] iptables-restore: Constify struct iptables_restore_cb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 4/8] xtables-restore: Constify struct nft_xt_restore_cb
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 3/8] xtables-restore: Introduce rule counter tokenizer function
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 2/8] xtables-restore: Use xt_params->program_name
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH 1/8] xtables-restore: Treat struct nft_xt_restore_parse as const
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [iptables PATCH 1/8] xtables-restore: Treat struct nft_xt_restore_parse as const
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 3/8] xtables-restore: Introduce rule counter tokenizer function
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 8/8] xtables-restore: Drop chain_list callback
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 5/8] iptables-restore: Constify struct iptables_restore_cb
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 0/8] A bit of *tables-restore review fallout
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 4/8] xtables-restore: Constify struct nft_xt_restore_cb
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 7/8] xtables-restore: Drop local xtc_ops instance
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 6/8] xtables-restore: Drop pointless newargc reset
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH 2/8] xtables-restore: Use xt_params->program_name
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft,v2] src: restore --echo with anonymous sets
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft,v2] src: restore --echo with anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Jakub Kicinski <jakub.kicinski@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 0/8] Improve iptables-nft performance with large rulesets
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] src: restore --echo with anonymous sets
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] src: restore --echo with anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 4/4] rule: Fix for single line ct timeout printing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 4/4] rule: Fix for single line ct timeout printing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 4/4] rule: Fix for single line ct timeout printing
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v4 0/8] Improve iptables-nft performance with large rulesets
- From: Phil Sutter <phil@xxxxxx>
- Re: [nft PATCH 4/4] rule: Fix for single line ct timeout printing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 3/4] tests/monitor: Fix for changed ct timeout format
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 1/4] monitor: Add missing newline to error message
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 2/2,v2] flowtable: fix memleak in exit path
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft 1/2] src: define flowtable device compound as a list
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next] netfilter: ecache: document extension area access rules
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH trivial] netfilter: nft_tproxy: Fix typo in IPv6 module description.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 nf-next] netfilter: add and use nf_hook_slow_list()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 0/8] Improve iptables-nft performance with large rulesets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 nf-next 0/2] netfilter: conntrack: free extension area immediately
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH 0/6] [GIT PULL ipvs-next] IPVS updates for v5.5
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH] obj/ct_timeout: Fix NFTA_CT_TIMEOUT_DATA parser
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 0/8] Improve iptables-nft performance with large rulesets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v4 1/8] nft-cache: Introduce cache levels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH 4/4] rule: Fix for single line ct timeout printing
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH 3/4] tests/monitor: Fix for changed ct timeout format
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [nft PATCH 1/4] monitor: Add missing newline to error message
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Jakub Kicinski <jakub.kicinski@xxxxxxxxxxxxx>
- [nft PATCH 4/4] rule: Fix for single line ct timeout printing
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 1/4] monitor: Add missing newline to error message
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 0/4] A bunch of fixes for --echo option
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo"
- From: Phil Sutter <phil@xxxxxx>
- [nft PATCH 3/4] tests/monitor: Fix for changed ct timeout format
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH] obj/ct_timeout: Fix NFTA_CT_TIMEOUT_DATA parser
- From: Phil Sutter <phil@xxxxxx>
- feature request, way to check specific IP/port/protocol/etc
- From: Dmitri Seletski <drjoms@xxxxxxxxx>
- Re: [PATCH nftables v2 1/2] cli: add linenoise CLI implementation.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 5/5] netfilter: nf_tables: support for multiple devices per netdev hook
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/5] netfilter: nf_tables_offload: remove rules on unregistered device only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/5] netfilter: nf_tables_offload: add nft_flow_cls_offload_setup()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/5] netfilter: nf_tables_offload: Pass callback list to nft_setup_cb_call()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/5] netfilter: nf_tables_offload: add nft_flow_block_chain()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 0/5] Hook multiple netdevices to basechain
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/4] netfilter: nf_tables: dynamically allocate hooks per net_device in flowtables
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 4/4] netfilter: nf_tables: increase maximum devices number per flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 3/4] netfilter: nf_tables: allow only one netdev per flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 1/4] netfilter: nf_flow_table: move priority to struct nf_flowtable
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 0/4] flowtable updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables v2 1/2] cli: add linenoise CLI implementation.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nftables v2 1/2] cli: add linenoise CLI implementation.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH libnfnetlink 0/1] Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] nfnetlink_cthelper: make userspace conntrack helpers with priv data work again
- From: a_hungrig <a_hungrig@xxxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [libnftnl PATCH v2] set_elem: Validate nftnl_set_elem_set() parameters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 4/6] set: Don't bypass checks in nftnl_set_set_u{32,64}()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH v2] set_elem: Validate nftnl_set_elem_set() parameters
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 4/6] set: Don't bypass checks in nftnl_set_set_u{32,64}()
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 3/6] set_elem: Validate nftnl_set_elem_set() parameters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 4/6] set: Don't bypass checks in nftnl_set_set_u{32,64}()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 3/6] set_elem: Validate nftnl_set_elem_set() parameters
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 4/6] set: Don't bypass checks in nftnl_set_set_u{32,64}()
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 3/6] set_elem: Validate nftnl_set_elem_set() parameters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 3/6] set_elem: Validate nftnl_set_elem_set() parameters
- From: Phil Sutter <phil@xxxxxx>
- Re: [libnftnl PATCH 6/6] obj/tunnel: Fix for undefined behaviour
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 4/6] set: Don't bypass checks in nftnl_set_set_u{32,64}()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 3/6] set_elem: Validate nftnl_set_elem_set() parameters
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 2/6] set_elem: Fix return code of nftnl_set_elem_set()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH 1/6] obj: ct_timeout: Check return code of mnl_attr_parse_nested()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [nft PATCH] mnl: Don't use nftnl_set_set()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [nft PATCH] mnl: Don't use nftnl_set_set()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 6/6] obj/tunnel: Fix for undefined behaviour
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 2/6] set_elem: Fix return code of nftnl_set_elem_set()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 4/6] set: Don't bypass checks in nftnl_set_set_u{32,64}()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 0/6] A series of covscan-indicated fixes
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 1/6] obj: ct_timeout: Check return code of mnl_attr_parse_nested()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 5/6] obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
- From: Phil Sutter <phil@xxxxxx>
- [libnftnl PATCH 3/6] set_elem: Validate nftnl_set_elem_set() parameters
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] flowtable: fix memleak in exit path
- From: Eric Jallot <ejallot@xxxxxxxxx>
- [PATCH nft] rule: fix flowtable memleaks
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf-next 2/2] netfilter: conntrack: free extension area immediately
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 1/2] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v2 nf-next 0/2] netfilter: conntrack: free extension area immediately
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH v4 1/8] nft-cache: Introduce cache levels
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 8/8] nft: Optimize flushing all chains of a table
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 7/8] nft: Support nft_is_table_compatible() per chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 0/8] Improve iptables-nft performance with large rulesets
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 3/8] nft-cache: Cover for multiple fetcher invocation
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 2/8] nft-cache: Fetch only chains in nft_chain_list_get()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 5/8] nft-cache: Support partial rule cache per chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 6/8] nft: Reduce cache overhead of nft_chain_builtin_init()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v4 4/8] nft-cache: Support partial cache per table
- From: Phil Sutter <phil@xxxxxx>
- Re: First Contribution
- From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
- Re: First Contribution
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
- [RFC PATCH] net: flow_offload: tc_proto_udp_hdr[] can be static
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nftables v2 1/2] cli: add linenoise CLI implementation.
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 6/6] selftests: netfilter: add ipvs tunnel test case
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 5/6] selftests: netfilter: add ipvs nat test case
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 2/6] ipvs: batch __ip_vs_cleanup
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 3/6] ipvs: batch __ip_vs_dev_cleanup
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 4/6] selftests: netfilter: add ipvs test script
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 0/6] [GIT PULL ipvs-next] IPVS updates for v5.5
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH 1/6] ipvs: no need to update skb route entry for local destination packets.
- From: Simon Horman <horms@xxxxxxxxxxxx>
- AW: [PATCH nftables v2 0/2] Add Linenoise support to the CLI.
- From: "Priebe, Sebastian" <sebastian.priebe@xxxxxx.group>
- Re: [PATCH net-next,v5 2/4] net: flow_offload: bitwise AND on mangle action value field
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH net-next,v5 1/4] net: flow_offload: flip mangle action mask
- From: Jiri Pirko <jiri@xxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: kbuild test robot <lkp@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: kbuild test robot <lkp@xxxxxxxxx>
- [PATCH net-next,v5 3/4] net: flow_offload: mangle action at byte level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v5 4/4] netfilter: nft_payload: packet mangling offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v5 2/4] net: flow_offload: bitwise AND on mangle action value field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v5 1/4] net: flow_offload: flip mangle action mask
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v5 0/4] flow_offload: update mangle action representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net-next,v4 0/4] flow_offload: update mangle action representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v4 2/4] net: flow_offload: mangle action at byte level
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v4 4/4] net: flow_offload: add flow_rule_print()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v4 3/4] netfilter: nft_payload: packet mangling offload support
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v4 1/4] net: flow_offload: bitwise AND on mangle action value field
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH net-next,v4 0/4] flow_offload: update mangle action representation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: kbuild test robot <lkp@xxxxxxxxx>
- First Contribution
- From: UDAY MEWADA <udaymewada1@xxxxxxxxx>
- xtables-addons GEOIP not matching chain
- From: Marco Sommella <marco.sommella@xxxxxxxxx>
- [PATCH nf-next] netfilter: ctnetlink: don't dump ct extensions of unconfirmed conntracks
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 nf-next] netfilter: add and use nf_hook_slow_list()
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- Re: [PATCH v2 nf-next] netfilter: add and use nf_hook_slow_list()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libmnl] include: add MNL_SOCKET_DUMP_SIZE definition
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nf_flow_table: set timeout before insertion into hashes
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] expression: extend 'nft describe' to allow listing data types
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnfnetlink 0/1] Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnfnetlink 1/1] src: Minimally resurrect doxygen documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH nf-next] netfilter: ecache: document extension area access rules
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH trivial] netfilter: nft_tproxy: Fix typo in IPv6 module description.
- From: Norman Rasmussen <norman@xxxxxxxxxxxxxxx>
- [PATCH nft] expression: extend 'nft describe' to allow listing data types
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf] ipvs: don't ignore errors in case refcounting ip_vs module fails
- From: Julian Anastasov <ja@xxxxxx>
- [PATCH nf] ipvs: don't ignore errors in case refcounting ip_vs module fails
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
- Re: [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Phil Sutter <phil@xxxxxx>
- Re: [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v6 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 18/21] audit: track container nesting
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 17/21] audit: add support for loginuid/sessionid set/get by netlink
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 16/21] audit: add support for contid set/get by netlink
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 15/21] sched: pull task_is_descendant into kernel/sched/core.c
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 14/21] audit: contid check descendancy and nesting
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 13/21] audit: NETFILTER_PKT: record each container ID associated with a netNS
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 12/21] audit: add support for containerid to network namespaces
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 08/21] audit: add contid support for signalling the audit daemon
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 06/21] audit: contid limit of 32k imposed to avoid DoS
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 05/21] audit: log drop of contid on exit of last task
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH ghak90 V7 04/21] audit: convert to contid list to check for orch/engine ownership
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v2 nf-next] netfilter: add and use nf_hook_slow_list()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH v2 nf-next] netfilter: add and use nf_hook_slow_list()
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- [PATCH v2 nf-next] netfilter: add and use nf_hook_slow_list()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nf-next] netfilter: add and use nf_hook_slow_list()
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [PATCH nf-next] netfilter: add and use nf_hook_slow_list()
- From: Edward Cree <ecree@xxxxxxxxxxxxxx>
- [PATCH] ipset: Copy the right MAC address in hash:ip,mac IPv6 sets
- From: Stefano Brivio <sbrivio@xxxxxxxxxx>
- [PATCH v6 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v6 3/3] selftests: netfilter: add ipvs tunnel test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v6 2/3] selftests: netfilter: add ipvs nat test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v6 1/3] selftests: netfilter: add ipvs test script
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v5 1/3] selftests: netfilter: add ipvs test script
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH nft,v2] datatype: display description for header field < 8 bits
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: conntrack: avoid possible false sharing
- From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
- Re: [PATCH net] netfilter: conntrack: avoid possible false sharing
- From: Jakub Kicinski <jakub.kicinski@xxxxxxxxxxxxx>
- Re: [PATCH net] netfilter: conntrack: avoid possible false sharing
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] datatype: display description for header field < 8 bits
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] ipvs: more robust refcounting when sync thread starts
- From: Julian Anastasov <ja@xxxxxx>
- [PATCH AUTOSEL 4.19 18/26] netfilter: nft_connlimit: disable bh on garbage collection
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH net] netfilter: conntrack: avoid possible false sharing
- From: Eric Dumazet <edumazet@xxxxxxxxxx>
- Re: [PATCH tip/core/rcu 8/9] net/netfilter: Replace rcu_swap_protected() with rcu_replace()
- From: "Paul E. McKenney" <paulmck@xxxxxxxxxx>
- Re: [PATCH nf] ipvs: more robust refcounting when sync thread starts
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
- [PATCH nf-next] netfilter: add and use nf_hook_slow_list()
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH v5 1/3] selftests: netfilter: add ipvs test script
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v5 3/3] selftests: netfilter: add ipvs tunnel test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v5 2/3] selftests: netfilter: add ipvs nat test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v5 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- Re: [libnftnl PATCH v2] set: Export nftnl_set_list_lookup_byname()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nft] src: obj: fix memleak in parser_bison.y
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] checksum: Fix TCP/UDP checksum computation on big endian arches
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] segtree: always close interval in non-anonymous sets
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 03/11] nft: Extract cache routines into nft-cache.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 02/11] nft: Avoid nested cache fetching
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v3 01/11] nft: Pass nft_handle to flush_cache()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [libnftnl PATCH v2] set: Export nftnl_set_list_lookup_byname()
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH nft] tests: shell: fix failed tests due to missing quotes
- From: Phil Sutter <phil@xxxxxx>
- [PATCH nft] tests: shell: fix failed tests due to missing quotes
- From: Eric Jallot <ejallot@xxxxxxxxx>
- [iptables PATCH v3 03/11] nft: Extract cache routines into nft-cache.c
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 06/11] nft-cache: Cover for multiple fetcher invocation
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 01/11] nft: Pass nft_handle to flush_cache()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 00/11] Improve iptables-nft performance with large rulesets
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 11/11] nft: Optimize flushing all chains of a table
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 09/11] nft: Reduce cache overhead of nft_chain_builtin_init()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 07/11] nft-cache: Support partial cache per table
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 10/11] nft: Support nft_is_table_compatible() per chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 08/11] nft-cache: Support partial rule cache per chain
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 04/11] nft-cache: Introduce cache levels
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 05/11] nft-cache: Fetch only chains in nft_chain_list_get()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v3 02/11] nft: Avoid nested cache fetching
- From: Phil Sutter <phil@xxxxxx>
- Re: [PATCH tip/core/rcu 8/9] net/netfilter: Replace rcu_swap_protected() with rcu_replace()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] src: obj: fix memleak in parser_bison.y
- From: Eric Jallot <ejallot@xxxxxxxxx>
- [PATCH] checksum: Fix TCP/UDP checksum computation on big endian arches
- From: Alin Nastac <alin.nastac@xxxxxxxxx>
- Re: [PATCH libnetfilter_queue 0/5] clang and documentation updates
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v4 1/3] selftests: netfilter: add ipvs test script
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH nf-next v6 0/8] netfilter: nf_tables_offload: support tunnel offload
- From: wenxu <wenxu@xxxxxxxxx>
- [PATCH libnetfilter_queue 2/5] src: Enable clang build
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 0/5] clang and documentation updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 1/5] src: doc: Miscellaneous updates
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 5/5] src: doc: Minor fix
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 3/5] doxygen: remove EXPORT_SYMBOL from the output
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH libnetfilter_queue 4/5] src: Fix invalid conversion specifier
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/7] ipset: remove static inline functions
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf-next 0/7] ipset: remove static inline functions
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- Re: [PATCH] libmnl: doxygen: remove EXPORT_SYMBOL from the output
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH] libmnl: doxygen: remove EXPORT_SYMBOL from the output
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libmnl] src: fix doxygen function documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libmnl] src: fix doxygen function documentation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] BUG: src: Update UDP header length field after mangling
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] BUG: src: Update UDP header length field after mangling
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH v4 2/3] selftests: netfilter: add ipvs nat test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v4 1/3] selftests: netfilter: add ipvs test script
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v4 3/3] selftests: netfilter: add ipvs tunnel test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v4 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v3 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH net-next] net, uapi: fix -Wpointer-arith warnings
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [PATCH v3 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH net-next] net, uapi: fix -Wpointer-arith warnings
- From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
- [PATCH nf-next 0/7] ipset: remove static inline functions
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 2/7] netfilter: ipset: remove inline from static functions in .c files.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 1/7] netfilter: ipset: add a coding-style fix to ip_set_ext_destroy.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 3/7] netfilter: ipset: move ip_set_comment functions from ip_set.h to ip_set_core.c.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 6/7] netfilter: ipset: move function to ip_set_bitmap_ip.c.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 4/7] netfilter: ipset: move functions to ip_set_core.c.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 5/7] netfilter: ipset: make ip_set_put_flags extern.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- [PATCH nf-next 7/7] netfilter: ipset: move ip_set_get_ip_port() to ip_set_bitmap_port.c.
- From: Jeremy Sowden <jeremy@xxxxxxxxxx>
- Re: [PATCH nf] ipvs: more robust refcounting when sync thread starts
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH] Fix a missing doxygen section trailer in nlmsg.c
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: Add wildcard support to net,iface
- From: Kristian Evensen <kristian.evensen@xxxxxxxxx>
- [PATCH tip/core/rcu 8/9] net/netfilter: Replace rcu_swap_protected() with rcu_replace()
- Re: [PATCH] Fix a missing doxygen section trailer in nlmsg.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH 0/2] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- [PATCH 2/2] netfilter: nft_connlimit: disable bh on garbage collection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 1/2] netfilter: drop bridge nf reset from nf_reset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH 0/2] Netfilter fixes for net
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH] ipset: Add wildcard support to net,iface
- From: Kadlecsik József <kadlec@xxxxxxxxxxxxxxxxx>
- [PATCH nf] ipvs: more robust refcounting when sync thread starts
- From: Davide Caratti <dcaratti@xxxxxxxxxx>
- Re: [PATCH v3 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Simon Horman <horms@xxxxxxxxxxxx>
- [PATCH] Fix a missing doxygen section trailer in nlmsg.c
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH v3 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH v2 1/3] selftests: netfilter: add ipvs test script
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- Re: [PATCH v3 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH iptables] extensions: add libxt_SYNPROXY xlate method
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 5.2 17/63] netfilter: nf_tables: allow lookups in dynamic sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 12/43] netfilter: nf_tables: allow lookups in dynamic sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 09/29] netfilter: nf_tables: allow lookups in dynamic sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH net] netfilter: drop bridge nf reset from nf_reset
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH AUTOSEL 5.3 18/71] netfilter: nf_tables: allow lookups in dynamic sets
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH v3 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 2/3] selftests: netfilter: add ipvs nat test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 1/3] selftests: netfilter: add ipvs test script
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- [PATCH v3 3/3] selftests: netfilter: add ipvs tunnel test case
- From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 0/2] ipvs: speedup ipvs netns dismantle
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH] ipvs: no need to update skb route entry for local destination packets.
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH v2 1/3] selftests: netfilter: add ipvs test script
- From: Simon Horman <horms@xxxxxxxxxxxx>
- Re: [PATCH] netfilter:get_next_corpse():No need to double check the *bucket
- From: Florian Westphal <fw@xxxxxxxxx>
- [PATCH] netfilter:get_next_corpse():No need to double check the *bucket
- Re: [PATCH libnetfilter_queue] checksum: Fix UDP checksum calculation
- From: Alin Năstac <alin.nastac@xxxxxxxxx>
- Re: [PATCH libnetfilter_queue] BUG: src: Fix UDP checksum calculation
- From: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
- [PATCH iptables] extensions: add libxt_SYNPROXY xlate method
- From: "Jose M. Guisado Gomez" <guigom@xxxxxxxxxx>
- Re: [iptables PATCH v2 08/24] nft: Fetch only chains in nft_chain_list_get()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/2] ipvs: speedup ipvs netns dismantle
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH v2 0/3] selftests: netfilter: introduce test cases for ipvs
- From: Julian Anastasov <ja@xxxxxx>
- Re: [PATCH] ipvs: no need to update skb route entry for local destination packets.
- From: Julian Anastasov <ja@xxxxxx>
- Re: [iptables PATCH v2 08/24] nft: Fetch only chains in nft_chain_list_get()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 04/24] nft: Fix for add and delete of same rule in single batch
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 17/24] xtables-restore: Carry in_table in struct nft_xt_restore_parse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 17/24] xtables-restore: Carry in_table in struct nft_xt_restore_parse
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 03/24] tests: shell: Support running for legacy/nft only
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [libnftnl PATCH] set: Export nftnl_set_list_lookup_byname()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [iptables PATCH] iptables-test: Run tests in lexical order
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libnetfilter_queue] BUG: src: Fix UDP checksum calculation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH libnetfilter_queue] checksum: Fix UDP checksum calculation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH libmnl] src: fix doxygen function documentation
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- Re: [PATCH nf] netfilter: nft_connlimit: disable bh on garbage collection
- From: Laura Garcia <nevola@xxxxxxxxx>
- Re: [PATCH nft] src: obj: fix memleak in handle_free()
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nf] netfilter: nft_connlimit: disable bh on garbage collection
- From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
- [PATCH nft] src: obj: fix memleak in handle_free()
- From: Eric Jallot <ejallot@xxxxxxxxx>
- [PATCH net] netfilter: drop bridge nf reset from nf_reset
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: Please add Bridge NAT in nftables
- From: Ttttabcd <ttttabcd@xxxxxxxxxxxxxx>
- Re: Please add Bridge NAT in nftables
- From: Florian Westphal <fw@xxxxxxxxx>
- Please add Bridge NAT in nftables
- From: Ttttabcd <ttttabcd@xxxxxxxxxxxxxx>
- Re: [PATCH 0/5] Netfilter fixes for net
- From: David Miller <davem@xxxxxxxxxxxxx>
- Re: [iptables PATCH v2 06/24] xtables-restore: Minimize caching when flushing
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v2 05/24] nft: Make nftnl_table_list_get() fetch only tables
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v2 04/24] nft: Fix for add and delete of same rule in single batch
- From: Florian Westphal <fw@xxxxxxxxx>
- Re: [iptables PATCH v2 03/24] tests: shell: Support running for legacy/nft only
- From: Florian Westphal <fw@xxxxxxxxx>
- [iptables PATCH v2 12/12] nft: bridge: Rudimental among extension support
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 00/12] Implement among match support
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 09/12] nft: Bore up nft_parse_payload()
- From: Phil Sutter <phil@xxxxxx>
- [iptables PATCH v2 05/12] nft: Keep nft_handle pointer in nft_xt_ctx
- From: Phil Sutter <phil@xxxxxx>
[Index of Archives]
[LARTC]
[Berkeley Packet Filter]
[Bugtraq]
[Yosemite News]
[Samba]
